<html>
<body>
<?php
	
	include 'dbconnect.php';
	
	if(isset($_POST['act_add']))
	{
		// when adding a notification the user is the buyer
		$regUsr = $_POST['user_name'];
		$seller = $_POST['seller_name'];
		$vId = $_POST['vehicle_id'];
		
		$query = "select count(*) from Notification where 
		RegisteredUser_NonAdmins_AllUsers_LoginID = '$regUsr' and
		VehicleForSale_VehicleForSaleID = $vId";
		
		$result = mysqli_query( $mysql, $query);
		if(!$result)
			exit;
		
		$row = mysqli_fetch_row( $result );
		if($row[0] > 0)
		{
			echo 'Seller already notified</br>';
			echo'<a href="download.php?id='.$vId.'&name='.$uName.'"> Return To Listing </a>';
			exit;
		}
		else
		{
			$time = getdate();
			
			$query = "insert into Notification(
			RegisteredUser_NonAdmins_AllUsers_LoginID,
			VehicleForSale_VehicleForSaleID,
			Timestamp) values ( $regUser, $vId, $time )";
			
			$result = mysqli_query( $mysql, $query );
			if(!$result)
			{
				echo 'Failed to notify';
				echo '<a href="download.php?id='.$vId.'&name='.$uName.'"> Return To Listing </a>';
				exit;
			}
			
			echo 'Seller has been notified';
			echo '<a href="download.php?id='.$vId.'&name='.$uName.'"> Return To Listing </a>';
			
		}
		
	}
	elseif(isset($_POST['act_view']))
	{
		//when viewing the user is the seller
		$uName = $_POST['user_name'];
		
		$query = "select Notification.* from Notification join VehicleForSale on 
		VehicleForSale_VehicleForSaleID = VehicleForSaleID AND
		NonAdmins_AllUsers_LoginID = '$uName'";
		
		$result = mysqli_query($mysql, $query);
		if(!$result)
			exit;
		
		echo 'Notifications:</br>';
		
		while($row = mysqli_fetch_assoc( $result ))
		{
			$buyerName = $row["RegisteredUser_NonAdmins_AllUsers_LoginID"];
			$vId = $row["VehicleForSale_VehicleForSaleID"];
			
			$emailQuery = "select Email from NonAdmins where AllUsers_LoginID = '$buyerName'";
			$result2 = mysqli_query($mysql, $emailQuery);
			if(!$result2)
				exit;
			
			$emailRow = mysqli_fetch_assoc( $result2);
			$email = $emailRow["Email"];
			
			echo 'Buyer ID: '.$buyerName.' Email: '.$email.' Vehicle ID: '.$vId;
			echo'<form enctype="multipart/form-data" action="notify.php" method="POST">
			<input type="submit" value="Delete" name="act_delete">
			<input type="hidden" name="buyer_name" value="'.$buyerName.'">
			<input type="hidden" name="vehicle_id" value="'.$vId.'">
			<input type="hidden" name="user_name" value="'.$uName.'">
			</form>';
			echo'</br>';
			
		}
		
		$query = "select * from AllUsers where LoginID = '$uName'";
		$result = mysqli_query( $mysql, $query);
		if(!$result)
			exit;
		
		$row = mysqli_fetch_assoc( $result );
		$pass = $row["UserPassword"];
		
		echo'<form enctype="multipart/form-data" action="login.php" method="POST">
		<input type="submit" value="Return to profile">
		<input type="hidden" name="name" value="'.$uName.'">
		<input type="hidden" name="password" value="'.$pass.'">
		</form>';
		
	}
	elseif(isset($_POST['act_delete']))
	{
		$uName = $_POST['user_name'];
		$vId = $_POST['vehicle_id'];
		$buyerName = $_POST['buyer_name'];
		
		$delQuery = "delete from Notification where 
		RegisteredUser_NonAdmins_AllUsers_LoginID = '$buyerName' and
		VehicleForSale_VehicleForSaleID = $vId";

		//echo $delQuery;
		
		$result = mysqli_query( $mysql, $delQuery );
		if(!result)
		{
			echo 'Failed to delete notification';
		}
		else
			echo 'Notification deleted successfully';
		
		$query = "select * from AllUsers where LoginID = '$uName'";
		$result = mysqli_query( $mysql, $query);
		if(!$result)
			exit;
		
		$row = mysqli_fetch_assoc( $result );
		$pass = $row["UserPassword"];
		
		echo'<form enctype="multipart/form-data" action="login.php" method="POST">
		<input type="submit" value="Return to profile">
		<input type="hidden" name="name" value="'.$uName.'">
		<input type="hidden" name="password" value="'.$pass.'">
		</form>';
	}
	
	mysqli_close($mysql);
?>
</body>
</html>